I am trying to develop an a business application. I intend to host it on Google App Engine and use Google DataStore as a backend database. How can my users register with the application using their Google, Yahoo and Facebook accounts apart from the naive conventional sign up method? When ever the user registers using the aforementioned third party services how does my DataStore gets updated with the users details? help me to plan the logic
I hope this help.
You can use Federated Login(OpenId) for that.
Each provider has its own particular data structure(name, userName, country, language, etc).
Regards.
Related
I am building a reservation system in Google App Engine using Go. I need 2 forms of authentication in my program.
Public Form -- form built in Angular that is on our public website. I want my front-end to have some sort of credentials.json file to use when requesting the book and getOpenDates endpoints in my RESTful API running in Go on Google App Engine.
Private Companion App -- protected by username and password that the user supplies in my app built in Flutter. The app is requesting many endpoints in App Engine. I would like to use JWT to authenticate this portion, but I'm not 100% sure JWT is what I need.
I'm not sure if this tutorial on Identity Platform is what I want. I'm very new to App Engine and authentication in general, so I am a bit lost.
Please describe how I could implement these authentication methods in my RESTful API in Go running on Google's App Engine. I think I may be able to implement the username/password method using a tutorial like this but I'm very lost on the 1st form of authentication with just a credentials file as authentication. If I'm going in the complete wrong direction to accomplish what I want please tell me, but what I'm looking for is code or a tutorial describing how to authenticate using these 2 methods. Thanks for any help.
From what I understand, you want to have a golang backend API in App Engine that serves both your web frontend (1.) and your users app (2.).
I am going to suppose that any user with username/password can use both your frontends: the web app and the mobile app with these credentials.
The credentials.jsons are not designed to authenticate users of your services, but rather server to server communication.
With that in mind, I have found the guide Session based authentication in golang, that could help you to set up your backend to accept only authenticated requests over HTTPS. The web browser will automatically save the cookie, however you need to store the cookie in your mobile app.
For much more complicated scenarios for authenticating from different webpages, it is required to use OAuth2 as you can see in this thread. If you don't find any of your requirements listed in here it is probably overkill to use Auth0 nor OAuth2.
I'm new to web dev, and trying to build an application using google app engine's java standard environment, which will require user authentication. I'd like to provide authentication which requires only a username and password of the user, as opposed to a phone number or social account.
As I look through the options listed in app engine's auth tutorial, if I'm understanding them correctly, none of them allow login without a phone number or social account? https://cloud.google.com/appengine/docs/standard/java/oauth/
If so, are there alternatives available while still using app engine? I've read some about 'web container managed authentication' but I'm not sure if its something app engine will support, or if its a full solution.
Is it possible/feasible to roll fully custom authentication in the app engine standard environment? As I search for custom authentication tutorials I see a lot of articles recommending against this, but it's not clear to me what the alternative is.
Thanks for any information
As it's mention on the OpenID Connect documents of Google Cloud, it's important for you and your users security to authenticate using well proven and debugged code. Google offers Firebase Authentication which let's users log in with an Email and password.
If you still want to implement the authorize part on your own, you can use your preferred web framework and probably it will have an authorizing process.
For example, in python you can use Django authorize system to provide users for a custom way to log in.
But, as I said before, I highly recommend you to use the Google APIs for authorizing as they are OpenID certificated.
I'm building a website in Go(lang) using Google App Engine. I want users to be able to register for the site by providing an Email and Password. I don't want to use the users API, because I don't want my users to require a google account and I eventually plan on making this a pay site.
What is a good way to handle user registration/authentication on google app engine? Should I use the datastore for user accounts and credentials, or Cloud SQL? Any other good options? I don't know where to start.
IMHO it's easier to use an existing, reputable infrastructure/service.
Google offers such services, see What is the difference between Google identity toolkit, Google OAauth and Google+ sign in.
I opted for the Google Identity Toolkit, which nicely supports simultaneously both private accounts and federated logins with several popular identity providers.
Update June 17, 2016: The banner on the GITkit doumentation authentication indicates GITkit may be on its way out, to be absorbed into the Firebase Authentication.
I have integrated my application with Google apps marketplace with old version of OpenID and getting the data from Google calendar by using Google calendar version 2 API. Now I need to integrate every thing to new version. I have confused a little bit as Google is providing various authentication and authorization process. I looked in to OpenID connect, JWT (JSON Web Token), Google calendar version 3 service account. May any one please help me out from this issue like that should I use to authenticate as well as for authorization. Thanks in advance.
https://developers.google.com/accounts/docs/OAuth2 gives a good overview on various ways to authenticate with Google APIs and when to use them. For instance JWT is useful when your application uses Google APIs to store/retrieve its own data i.e. not to access data of your application's user.
Also see https://developers.google.com/google-apps/calendar/auth
I've got a google spreadsheet owned by a GAE service account and I want my GAE Python app to update a cell in one of the rows.
Based on some reading, these are my findings:
the spreadsheets service is old-school. It's a Google Data API and most Google services are now on the Google API platform. For Google API services, one can use a service account to do two-legged oauth2 access, but not for Google Data API services. Oh, it seems one can do two-legged oauth on Google Data API services, but only if the app is on a Google Apps domain (which mine isn't)
I could implement a similar effect (i.e. a user of the app can use data in my spreadsheet and doesn't need to login or authorize in any way) by using my personal account. There's a complicated way that involves me to authorize the app once, store the token and reuse it when a user uses the app. There's another way, which is to use client login (i.e. I embed my personal login and password in the code and use it to authorize the app to access the data in my spreadsheet)
This latter approach seems fairly safe as well, but of course I must be very careful that my source code will not be exposed. The authorization is between the GAE app and the Google Data Spreadsheets API, so the actual user's machine is not involved at all.
My spreadsheet is owned by the service account and shared with my personal account.
Note that my app is also using the Google Drive API (to access some personal Drive files, also shared between me and the GAE service account), so for that it will authorize using the service account.
Can someone confirm that my findings are correct and this approach is sound?
You can use gdata.spreadsheets.client (Google Data API) on the OAuth2 (Google API platform) flow.
https://github.com/HatsuneMiku/googleDriveAccess
It uses 'oauth2client-gdata-bridge'.